Demonetisation: FireEye Warns of Increased Cyberattacks on ATMs in India

ATMs in underdeveloped countries are particularly vulnerable as those countries still have old ATM software and are running Windows XP.

Image is used for representation purpose only. (Photo: Reuters)

At a time when people are making serpentine queues at ATM kiosks to withdraw cash owing to demonetisation, a new report said that cyber attacks on ATMs will rise in the Asia-Pacific (APAC) region in 2017.

"We have seen a big focus on ATM attacks in the APAC region, including in India. ATMs in underdeveloped countries are particularly vulnerable as those countries still have old ATM software and are running Windows XP. This makes them the perfect target for an easier score," US-based cyber security company FireEye claimed in its "2017 Security Landscape-Asia Pacific Edition" report.

Recently, some premier Indian banks blocked debit cards that were compromised (the numbers ran into millions) in one of the financial sector's biggest data breaches.

The State Bank of India (SBI), HDFC Bank, ICICI Bank, Axis Bank and YES Bank were among banks which reported several of their customers' debit cards being compromised following a malware-related security breach in an ATM network. The SBI blocked nearly 600,000 debit cards.

This came on the heels of malware attacks and cyber threats that affected countries like Japan and Bangladesh this year.

"With the continued rise in ransomware activities across the globe, religious organisations may unexpectedly become a target of cyber criminals in 2017, adding that much of the threat activity in the Asia-Pacific region is from China," FireEye continued.

While talking about investments in security that organisations will make in 2017, FireEye predicts organisations making significant investments in the form of orchestration and automation in 2017.

"Organisations seeking to simplify everything in 2017 will set their sights on integration. A single pane of glass for all security needs will drastically improve the organisation's security posture and show companies the true value of all the products they have acquired," the report noted.

In general, the proliferation of cyber-physical systems and the Internet of Things (IoT) would present new opportunities for adversaries to abuse their connectivity and cause disruption at scale for a bigger payoff.

"The combination of tools such as ransomware with more formalised illicit software-as-a-service (SaaS) franchised business models will become a more attractive and lucrative option for criminals with the proper skillsets and motivations," FireEye pointed out.

Recently, a hacker group called Cobalt targeted ATMs across Europe and remotely attacked the machines using malicious software that manipulated the systems which led the machines to automatically dispense huge amount of cash.